
![]() |
Edward Lowton
Editor |
![]() ![]() |
Home> | Plant, Process & Control | >Industry 4.0 | >Security challenges for manufacturers |
Security challenges for manufacturers
05 June 2020
Amrit Williams, Chief Product Officer, Skybox Security, looks at the top three security challenges for manufacturers and how to overcome them
Cybersecurity needs to play a central role in manufacturers’ business continuity plans. Although it may seem like a lot of the world has been put “on pause” for a few months, cyber criminality is sadly not experiencing a similar hiatus. Manufacturers must ensure that security is a priority – it is with strong cybersecurity processes that they will be assured that their operations will be able to continue unabated, sensitive data will be protected and they don’t fall foul of compliance.
Manufacturing companies face a number of challenges unique to their sector. They have highly fragmented security environments, sensitive data to protect including blueprints and new product designs, and usually work with operational technology which is notoriously hard to secure. On top of all that, they must take note of an increasing number of internet-connected IoT devices they need to protect too.
For manufacturers to deliver adequate levels of cybersecurity, they need to make sure that they are confident in their ability to meet the following three challenges head-on. If they can do so, then they will be in a good position to help their businesses to navigate the choppy waters ahead.
Challenge 1: Complex, fragmented and diverse network infrastructure
Solution: Gain context-informed visibility of the entire attack surface
Manufacturers are well aware of the need to improve their cyber risk posture but may not know where to start. Due to their diverse hybrid IT-OT network infrastructure, they need to begin by building a foundation upon which they can develop ongoing visibility of their entire attack surface. Importantly, they also need to understand the context of their vulnerabilities and assets – it’s only by knowing how exposed critical assets are to risk that they will be able to effectively prioritise their remediation.
Challenge 2: Insecure cloud services
Solution: Eliminate misconfigurations with process improvements; use a central dashboard to identify risks, unify security policy management and intelligently plan risk mitigation/remediation
Use of private or public cloud services will add additional levels of complexity; not necessarily within the services themselves, but relating to the security which surrounds them (including configuration issues, risky access rules, etc.).
To improve cloud security, organisations should create a central dashboard that models the entire estate, including any cloud services, so that they can see where their biggest breach risks exist. They should also prioritise the unification of security policy and compliance management, embed better security practices within their DevOps teams, ensure that cloud environments are regularly tested, enforce strict multi-factor authentication, be stringent with the authorization of managed policies, and know where all ingress and egress points exist and who has access to them.
Challenge 3: Expanding attack surface in the move to Industry 4.0 and IIoT
Solution: Network segmentation to cordon off higher risk parts of the network; risk-based vulnerability prioritisation
As manufacturing businesses grow, they need to ensure their networks are segmented effectively, especially in the era of industrial IoT. Network segmentation is a vital way organisations can improve their risk posture by allowing security teams to cordon off vital parts of the network. For example, they could segment off the location of sensitive files or the assets used by one of its production plants.
After segmenting the network, security professionals can model networks to check staff members’ access controls are correctly configured and automate ongoing security monitoring and analysis. If IT teams do not restrict the ability to access confidential resources or mission-critical assets, particularly now that the network perimeter has expanded to accommodate a remote workforce, the likelihood of data breaches and lapses in compliance increases
If manufacturers are confident in their ability to cover these fundamental security challenges, then they will have established a firm base that will support the execution of any emerging digital transformation initiatives. Cybersecurity is central to smooth and continuous operations. Getting it right will never be easy, but it will always prove its worth.
- Skills Minister joins the Enterprise Forum and Semta to debate ‘Skills for the Future’
- BPMA announces new President
- Oil cleaning system helps eliminate machine breakdown
- 2020 ends on a positive of sorts
- Almost a third of SME manufacturers moving supplier base from EU to UK, according to new research
- Applied intelligence key to efficient order fulfilment
- Fast fashion, faster robotics
- A quarter of UK businesses fully prepared for end of Brexit transition
- Gutter clearing and roof repair saves money in the long term
- World Economic Forum launches global business COVID action plan
- Introducing Industry 4.0 to SMEs
- Enhance maintenance practices
- Digital transformation: Customer insight matters
- IoT digital experiments as a service
- Smarter maintenance: Paper available
- Condition monitoring & Industry 4.0
- Smart data collection
- Mechanised welding, cutting and Industry 4.0
- Tomorrow’s tech is here today
- The business value of Industry 4.0